The above is installed in a production celluar data provider network. Just, $sad$ in so many ways.
Even the numerous huawei security notices tells you to watch out & restrict snmp access.
http://support.huawei.com/support/pages/news/NewsInfoAction.do?actionFlag=view&doc_id=IN0000054930&colID=ROOTENWEB|CO0000000170
Looking at the above security anonoucement , I can conclude that this firewall is;
1: probably at risk
2: not running the latest code from huawei
3: should never have ReadWrite Access via a community string of "private" ( yes RW was set for private, RO = public no restrictions )
4: much less open to the untrusted internet on a public interface
5: uses some very weak logins
So without trying this is what I gathered from a snmpwalk using the RW community of "private".
http://www.oidview.com/mibs/2011/HUAWEI-AAA-MIB.html
Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( * * )=
o
/ \
No comments:
Post a Comment